Overview

overview

10

Static

static

10

2025-02-07...er.exe

windows7-x64

1

2025-02-07...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-07_b02d3f6c87765c0d3093f12db02250ea_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250207-c76qvsxmcr

  • MD5

    b02d3f6c87765c0d3093f12db02250ea

  • SHA1

    dcadebabfe02bbc18b41e1fe4e32fb95e1add1a0

  • SHA256

    3e6188f6fe54fbf9740d071f8415a21a9d76417ef10636969ca29daf12cf33f3

  • SHA512

    5185d4d16af04c9a374a2543466d458e9cb9ca4b6d56772b0dae7383e9a9cfc8de7f97724a7a430923a08020854cc389bb502ec403bb39c6b64a2aea2bbf6795

  • SSDEEP

    49152:KX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q+:KlRsZ47/QXoHUOfAoj1x6+

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.vetor.tech:443/agent.ashx

Attributes
  • mesh_id

    0x17C17D5B96ABBC7FED5546FC984A8D0C19B1F9052F847655DF965B71AF6ED8C4098F9FB7857803FA8AD1AD10C5233E37

  • server_id

    923F9B6EED1A39C4CB28FE342DE5E239C36C7136DC8C275DDEB76860A0C7D7273E1A99A58CB988F9A7B5FD666F19B504

  • wss

    wss://mesh.vetor.tech:443/agent.ashx

Targets

    • Target

      2025-02-07_b02d3f6c87765c0d3093f12db02250ea_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      b02d3f6c87765c0d3093f12db02250ea

    • SHA1

      dcadebabfe02bbc18b41e1fe4e32fb95e1add1a0

    • SHA256

      3e6188f6fe54fbf9740d071f8415a21a9d76417ef10636969ca29daf12cf33f3

    • SHA512

      5185d4d16af04c9a374a2543466d458e9cb9ca4b6d56772b0dae7383e9a9cfc8de7f97724a7a430923a08020854cc389bb502ec403bb39c6b64a2aea2bbf6795

    • SSDEEP

      49152:KX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q+:KlRsZ47/QXoHUOfAoj1x6+

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks